Exchange mailbox and disabled AD accounts

Something I've always wondered what *should* be the correct answer to :)

I'm running Exchange 2007 SP2 and AD 2008.

Let's say I have a mailbox named Temp1 used by a casual worker. She leaves, so we disable her AD account.

Should I still be able to access her mailbox, assuming I have Full Mailbox access, either via my OWA or my Outlook profile?

Is the only way I can't access this mailbox when I try and actually log in as Temp1?

Secondly, let's say I then deleted the Temp1 AD account using ADUC. I know the Exchange mailbox still lives in the EDB database for another 35 days, but in disconnnected state, am I correct (well it was in E2003)? Should I still be able to access this mailbox now in the same fashion as before?

Thirdly, in either situation, what happens if people email the Temp1 mailbox?

Finally, can email forwarding work when the associated AD account is disabled/deleted?

No, if the primary user account is disabled you won't be able to access the mailbox the same is true if it has been disconnected. There is one exception to this rule and that is the shared mailbox in Exchange 2010.

What I normally do is reset the users password if I need access to their email, etc or need to set up forwarding. I usually do this for about 30 days until email access is no longer needed

Also, you asked how else you could access their mailbox rather than loggin in with their username. You can access it also by going to Outlook client --> File --> Open --> other users' folder and then type in their name and click ok. If you have full access it should open their email. (if the account is not disabled.

If you need access, the best practice is to export the mailbox (the server literally creates a pst) and then either import it into another account, or just attach the pst file in outlook (depending on if you're transferring old email to a new person who will fill that position, or just looking at the old email for a bit).

But once the primary user is disabled forwarding is the only thing that should work. And a disconnect should just leave the MB around for a reconnect at a later date (up to {by default} 30 days later)

> Unless it's a resource mailbox or shared mailbox then accessing the mailbox when the primary user account is disabled is not possible

How do you define a shared mailbox though? Going back to my example, if I gave myself Full Mailbox Access to Temp1 mailbox, and then disabled the Temp1 AD account, would I still be able to acccess the Temp1 mailbox if it was added to my Outlook profile?